Hi Roland,
Thanks for your reply. Unfortunately, it's a
little more complicated than that.
The people relaying off the server, are using
the email address of the domain hosted on the server.
So, the spammers are using [EMAIL PROTECTED], and it's going through
without authentication because 127.0.0.1 is in the privileged IP range.
Of course, turning off the 127.0.0.1 stops
un-authorized relaying, but also stops the Tango server from sending auto
email. Unless the Tango server can send a username & password for
authentication.
We've blocked a huge list of IP's, but they're
spoofing IP's off other Comcast & AT&T DSL customers.
Fun, fun, fun!
Hold on.
Something’s amiss in your mail server setup.
IF you have relay enabled
from 127.0.0.1 AND you have a mail server on the same machine AND you have
authentication turned on for outside IP addresses, the mail server should
still be requiring authentication from outside people trying to use you as an
open relay.
I have that setup (webstar) and can see the steady stream
of attempted relays being blocked.
You can turn authentication off for
your internal and trusted networks, including 127.0.0.1 and the IP address of
your witango machine Authentication required for everyone else Use your
firewall/router not not let in IP spoofers using 127. Or your server’s IP
address
Then, when the spammer is sending messages trying to exploit
the open relay, the mail server will reject because the IP address is the
originating machine or server, not your own. If they are trying to spoof your
Ip address, the mail won’t get in.
Check your detailed smtp log and
you’ll see where your hole is.
On 11/1/04 10:34 AM, "Rick
Sanders" <[EMAIL PROTECTED]> wrote:
I have a client
who's having email relay problems.
Basically,
people are relaying off his email server. He's turned off relay for local
sender addresses, and enabled SMTP authentication.
However, he's
had to let his local machine IP 127.0.0.1 for access to the mail server,
because WiTango needs to send automatic email. However, because of this,
anyone can still relay mail off the server.
The
question:
Is it possible for the WiTango server to send a username &
password to the mail server for outbound authentication? I know that WiTango
can use a specific email address, but can it send a Username & password
for authentication?
The server is
version 2000 with SP2.
Thanks in
advance,
Rick Sanders
________________________________________________________________________ TO
UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
----------------------------------------- Roland
Dumas Roberts Information Services 310 W. Bellevue Avenue San Mateo
CA 94402 650-347-1373 415-412-9300
(cell) [EMAIL PROTECTED] SMS: http://new.servqual.com/html/sms.tml
________________________________________________________________________
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
________________________________________________________________________
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
|